Tag: Security, Security / Home

Security

NAVIGATION
CATEGORIES
REFERRENCE
LINKS
Home » Security

  • Putty Proxy login/passworddiscolsure....(Answer from PUTTY Staff)

    1 answers - 546 bytes - related search similar search Add To My Delicious Add To My Stumble Upon Add To My Google Mark Add To My Facebook Add To My Digg Add To My Reddit

    Hi,
    I come to report a little strange discolsure discovered by my
    co-worker Fx0day.
    When you save session informations under putty and you need proxy
    for a session,
    We can find in plain clear text the login and password proxy auth in
    the windows
    database register.
    Strange to see a good ssh client storing plain clear text < hot >
    informations !!
    Unfortunately, there's no way to encrypt it securely, because there's
    nowhere safe to store an encryption key.
    Cheers,
    Simon

  • No.1 | | 960 bytes | |

    Why can't you generate the encryption key from a passphrase?

    Matthew Flaschen

    Antoine SANT wrote:
    >Hi,
    >>
    >I come to report a little strange discolsure discovered by my
    >co-worker Fx0day.
    >>
    >When you save session informations under putty and you need proxy
    >for a session,
    >We can find in plain clear text the login and password proxy auth in
    >the windows
    >database register.
    >>
    >Strange to see a good ssh client storing plain clear text < hot >
    >informations !!

    Unfortunately, there's no way to encrypt it securely, because there's
    nowhere safe to store an encryption key.

    Cheers,
    Simon

    Full-Disclosure - We believe in it.
    Charter:
    Hosted and sponsored by Secunia - http://secunia.com/

Re: Putty Proxy login/passworddiscolsure....(Answer from PUTTY Staff)


max 4000 letters.
Your nickname that display:
In order to stop the spam: 3 + 2 =
QUESTION ON "Security"

EMSDN.COM